General

  • Target

    143cb1d36f1f16b09762b6847822d06f_JaffaCakes118

  • Size

    205KB

  • MD5

    143cb1d36f1f16b09762b6847822d06f

  • SHA1

    726d6ab9d90892b7edf1d060af79b95bb124e277

  • SHA256

    e1c6a68a2ed3a1047ea46c2653c60bb1c111c7af5aebb0a67799b0e8b691fc56

  • SHA512

    8881939d0d50d1de73467e2202f819569e5830cc0277748eaac7a76e90c7f7657e335ceb6fa2733d3b99fa4d855a5dbbaebebd1314651aa82e02de32dbb1e689

  • SSDEEP

    1536:NtPrT8wrLT0NeXxz1DwetHrTPByf5J8bzj+dD1d38pkFiowm8MbIcd1k:N2w3keXxz1DfNYkoDz8pkTd8Mo

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 143cb1d36f1f16b09762b6847822d06f_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5

    UserForm6